Protecting Backhaul for 4G/5G Radio Access Network

The "flat" packet-based architectures of 4G and upcoming 5G, with their end-to-end IP core infrastructure, have potentially increased the mobile infrastructure’s exposure to cyber attacks. The elimination of the radio network controller (RNC) has resulted in direct and unprotected signaling of user plane paths between RANs and the EPC in 4G/4.5G and between NG-RANs and 5G-NGC. In 4G/4.5G, this may result in Stream Control Transmission Protocol (SCTP)-based attacks to manipulate mobile management entity (MME) functions and/or GPRS Tunneling Protocol (GTP)-based attacks to manipulate serving gateway (sGW) functions.

In 5G, for example, this can result in access management function (AMF), session management function (SMF), and user plane function (UPF) manipulation. Similar types of attacks can be carried out on both the X2/Xn control and data planes, resulting in possible service denial and rogue RANs. The 3rd Generation Partnership Project (3GPP) recommends the use of security gateways (SecGWs) to handle IPsec tunnels between RANs and EPC/5G-NGC for the communication of S1/X2 and N2/N3/Xn traffic.

Implemented as a VNF or as a physical appliance (PNF), FortiGate enables a complete set of SecGW functionalities targeting possible attacks on and manipulation of the 4G and 5G RAN-to-EPC/NGC interfaces (S1/X2 and N2/N3), including:

High-performance stateful firewalling and content inspection

SCTP and GTP firewall

Quality of service (QoS) support, including traffic rate limiting and queuing

DoS protection

High-performance IPsec VPN concentrator

RANs to EPC/NGC authentication support

ESP and IKEv2 support

SCTP multi-homing support

FortiGates for this use case can be implemented at the network edge only, or in a more distributed SecGW architecture at the RAN level, to ensure both security and low-latency X2/Xn traffic.

Physical Appliance (PNF) or Virtual Network Function (VNF)

FortiGate SecGW can be implemented as a PNF with high availability (HA) and the highest proven scalability. Fortinet’s custom security processors provide hardware acceleration to meet today’s and tomorrow’s traffic and session volume with minimum latency and no compromise on the depth and range of the delivered security services.